Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25

- Free Preparation Discussions

Fortinet Exam FCSS_ADA_AR-6.7 Topic 3 Question 3 Discussion

Actual exam question for Fortinet's FCSS_ADA_AR-6.7 exam

Question #: 3
Topic #: 3

[All FCSS_ADA_AR-6.7 Questions]

Refer to the exhibit.

An administrator wants to remediate the incident from FortiSIEM shown in the exhibit.

What option is available to the administrator?

AQuarantine IP FortiClient

BRun the block domain Windows DNS

CRun the block MAC FortiOS

DRun the block IP FortiOS 5.4
The incident shown in the exhibit indicates that a firewall detected malware but could not remediate it. The firewall identified the EICAR_TEST_FILE virus and logged the source IP (10.0.3.10) as the origin of the threat.
To remediate this, the administrator should take action at the network level, specifically using FortiOS to block the source IP address. The option 'Run the block IP FortiOS 5.4' provides the ability to block traffic from the infected IP at the firewall level, effectively preventing further threats from that source.

Show Suggested Answer

Suggested Answer: D

by Shawna at Apr 03, 2025, 08:47 AM

Limited Time Offer

25%

Off

Get Premium FCSS_ADA_AR-6.7 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Kristel

2 months ago

I'm surprised the firewall couldn't take care of this on its own. Option D is the clear solution to get this under control.

upvoted 0 times

...

Alyssa

2 months ago

Ha! I bet the admin is cursing that EICAR_TEST_FILE right about now. Option D is the obvious choice, block that IP and stop the madness!

upvoted 0 times

Wilda

9 days ago

User 3: The admin better act fast before things get out of hand.

upvoted 0 times

...

Effie

1 months ago

User 2: Definitely, blocking the IP with option D is the way to go.

upvoted 0 times

...

Sharen

1 months ago

User 1: Yeah, that EICAR_TEST_FILE is causing some trouble.

upvoted 0 times

...

...

Rosio

2 months ago

I agree, option D is the way to go here. FortiOS gives you the ability to quickly and easily block the infected IP and prevent further incidents.

upvoted 0 times

Ellen

1 months ago

The firewall logs clearly show the source of the threat, so blocking the IP with FortiOS is the logical next step.

upvoted 0 times

...

Thurman

1 months ago

Agreed, using FortiOS to block the infected IP is the most effective way to prevent future incidents.

upvoted 0 times

...

Tegan

1 months ago

Option D is definitely the best choice in this situation.

upvoted 0 times

...

...

Selene

2 months ago

Definitely go with option D. Blocking the IP address at the firewall level is the most effective way to stop the threat from spreading.

upvoted 0 times

Trina

29 days ago

Blocking the source IP at the firewall level is a proactive approach to security.

upvoted 0 times

...

Aliza

1 months ago

Agreed, option D is the best choice in this situation.

upvoted 0 times

...

Ling

1 months ago

Definitely, blocking the IP address is crucial to prevent further threats.

upvoted 0 times

...

...

Jacquelyne

2 months ago

I'm not sure, but I think option D makes sense. It's important to take action at the network level to remediate the incident.

upvoted 0 times

...

Verda

3 months ago

I agree with Dusti. Blocking the source IP at the firewall level is the best way to prevent further threats from that source.

upvoted 0 times

...

Dusti

3 months ago

I think the answer is D) Run the block IP FortiOS 5.4 because it allows the administrator to block the infected IP at the firewall level.

upvoted 0 times

...